Safeguard
Tag

aibom

Safeguard articles tagged "aibom" — guides, analysis, and best practices for software supply chain and application security.

22 articles

FAQ

AI Agents and Supply Chain Security FAQ: 2026 Answers

Answers on where AI agents meet software supply chain security — the dependencies agents pull in, hallucinated packages, MCP servers as components, AIBOMs, and how Safeguard keeps the agentic supply chain governed.

Jul 8, 20265 min read
Tutorials

How to Create an AIBOM for Your AI Models

Build an AI Bill of Materials that inventories the models, datasets, adapters, and MCP tools your application depends on — using CycloneDX ML-BOM and commands you can run today.

Jul 8, 20265 min read
AI Security

What Is an AIBOM (AI Bill of Materials)? A 2026 Primer

An SBOM tells you what code you ship. An AIBOM answers the question that has no good answer today: what models, datasets, and prompts is our AI actually built on — and where did they come from?

Jul 7, 20265 min read
Buyer's Guides

Best AI Code Security Tools in 2026: An Honest Buyer's Guide

A balanced 2026 comparison of tools for securing AI-generated code and AI-native applications — Semgrep, CodeQL with Copilot Autofix, Snyk, Socket, Endor Labs, and model-layer tools — with an honest look at where Safeguard fits.

Jul 5, 20266 min read
FAQ

AIBOM (AI Bill of Materials): Frequently Asked Questions

A practical FAQ on AI bills of materials in 2026 — what an AIBOM captures, how it extends SBOMs to models and datasets, model provenance risks, formats, and governance drivers.

Jul 3, 20266 min read
Buyer's Guides

Best SBOM Tools in 2026: Generation, Management, and Compliance Compared

An honest guide to the best SBOM tools in 2026 — from open-source generators like Syft and Trivy to full SBOM management and AIBOM platforms — with clear guidance on which to use for generation, analysis, and compliance.

Jun 24, 20265 min read
AI Security

Patch the Planet: What AI-Generated Fixes Actually Mean for Open-Source Maintainers

OpenAI's Patch the Planet, co-founded with Trail of Bits, wants to move widely-used open-source projects from findings to fixes. The ambition is right — but it shifts the bottleneck to maintainer review, patch provenance, and the trust of machine-authored code.

Jun 24, 20266 min read
AI Security

AIBOM in 2026: Treating AI Models as a Software Supply Chain

The AI bill of materials is graduating from optional security artifact to procurement requirement. Here is what AIBOM/ML-BOM actually tracks in 2026, how it ties to the EU AI Act, and where it still falls short.

Jun 15, 20267 min read
Buyer's Guides

Best AIBOM Tools in 2026: AI Bill of Materials Platforms Compared

An honest, technical guide to the best AIBOM tools in 2026 — from the open-source OWASP AIBOM Generator to AI-BOM features in Snyk, Wiz, Mend, JFrog, and Manifest Cyber — with clear guidance on what an AI bill of materials should actually capture.

Jun 13, 20268 min read
Buyer's Guides

Best LLM Security Tools in 2026: Guardrails, Red Teaming, and Runtime Defense Compared

An honest guide to the best LLM security tools in 2026 — from open-source guardrails and red-teaming scanners like NeMo Guardrails, garak, and LLM Guard to runtime APIs and full AI security platforms — with clear guidance on which job each one actually does.

Jun 12, 20268 min read
AI Security

How to Audit the Dependencies of an AI Agent

An AI agent's dependency tree spans packages, MCP servers, models, and system prompts. A step-by-step audit method that actually enumerates all four layers.

Jun 12, 20266 min read
Buyer's Guides

Best AI Security Tools in 2026: Guardrails, Red Teaming, and Agentic AI Security Compared

An honest guide to the best AI security tools in 2026 — red-teaming and testing tools, runtime guardrails for prompt injection, agentic AI and MCP security, and the AI supply chain layer (AIBOM) — with a clear best-for line for each.

Jun 11, 20268 min read
aibom — Safeguard Blog